CANsee: An Automobile Intrusion Detection System

Automotive security is a hot research area but up till now, research has only centered around how to attack with no single complete solution for defense.

After 2 years of research, I have developed a machine learning based IDS for automobiles to detect abnormal traffic on the CANBUS and built a very low-cost device that can be used to capture raw CAN traffic and wirelessly transmit the data to a computer, mobile phone, or a central server for further analysis. I call this device CANsee – an IDS designed to be deployed as an accessory to detect abnormal behavior of any node on a vehicles internal network.

In this session, I will briefly introduce the inner workings of a modern automobile and summarize the attack vectors available and will then explain how we can use CANsee to detect anomalous behavior. In addition, I will fully open source CANsee at HITBSecConf2016 – Amsterdam including schematics, bill of materials and source code. We may also give out some free samples 🙂